Log files are very valuable files for Linux system security. In Linux, almost all log files are stored in ‘/var/log‘ directory.
Common Linux log files name and usage:
/var/log/message: General message and system related stuff
/var/log/auth.log: Authenication logs
/var/log/kern.log: Kernel logs
/var/log/cron.log: Crond logs (cron job)
/var/log/maillog: Mail server logs
/var/log/qmail/ : Qmail log directory (more files inside this directory)
/var/log/httpd/: Apache access and error logs directory
/var/log/lighttpd: Lighttpd access and error logs directory
/var/log/boot.log : System boot log
/var/log/mysqld.log: MySQL database server log file
/var/log/secure: Authentication log
/var/log/utmp or /var/log/wtmp : Login records file
/var/log/yum.log: Yum log files
/var/log/faillog – Contains user failed login attemps.
The best way to view the log files is to use the -f flag and tail command.
# tail -f /var/log/maillog
You can also view the log files using one of the following commands:
# less /var/log/maillog # more -f /var/log/maillog # vi /var/log/maillog
Thanks to Sriram for this tip (1)